Chapter 9. XML Canonicalization: The Key to Robustness

What is canonicalization? It is the extraction of the “standard form” of some data and the discarding of “insignificant” aspects of the data's surface representations, usually by restricting all surface representation choices to a single option. For example, ordinary ASCII text files appear on modern computers with a variety of conventions to indicate end-of-line. If you want to calculate a signature over such a file and then verify it when the file moves to a different platform with a different end-of-line convention, the signer and verifier need to use the canonicalized file with a standard end-of-line.
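The end-of-line case above, worked through as an added example (not code from the book). An HMAC from Python's standard library stands in for the signature, and the key, function names and sample file contents are constructed for illustration.

```python
import hashlib
import hmac

# Constructed demo key; a real deployment would use a managed secret
# or an asymmetric signature instead of a shared-key MAC.
KEY = b"constructed-demo-key"


def canonicalize_eol(data: bytes) -> bytes:
    """Reduce every end-of-line convention to a single LF.

    CRLF is replaced first so that it becomes one LF rather than two.
    """
    return data.replace(b"\r\n", b"\n").replace(b"\r", b"\n")


def sign(data: bytes, canonical: bool = True) -> bytes:
    """Compute the tag over the canonical form (or the raw bytes if disabled)."""
    msg = canonicalize_eol(data) if canonical else data
    return hmac.new(KEY, msg, hashlib.sha256).digest()


def verify(data: bytes, tag: bytes, canonical: bool = True) -> bool:
    """Recompute the tag the same way the signer did and compare in constant time."""
    return hmac.compare_digest(sign(data, canonical), tag)


# Constructed sample: the same two-line file as stored on three platforms,
# plus a copy whose content (not just its line endings) was changed.
UNIX_FILE = b"pay: 100\nto: alice\n"
DOS_FILE = b"pay: 100\r\nto: alice\r\n"
OLD_MAC_FILE = b"pay: 100\rto: alice\r"
TAMPERED_FILE = b"pay: 900\r\nto: alice\r\n"

if __name__ == "__main__":
    raw_tag = sign(UNIX_FILE, canonical=False)
    canon_tag = sign(UNIX_FILE)
    print("raw bytes, file moved to DOS:   ", verify(DOS_FILE, raw_tag, canonical=False))
    print("canonical, file moved to DOS:   ", verify(DOS_FILE, canon_tag))
    print("canonical, file moved to old Mac:", verify(OLD_MAC_FILE, canon_tag))
    print("canonical, content tampered:    ", verify(TAMPERED_FILE, canon_tag))
```

Signer and verifier must apply the identical canonicalization: the step removes only the end-of-line distinction, so a change to the content itself still fails verification.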

In principle, the standard form of data and the aspects considered insignificant depend ...
